We’ve noticed some highly targeted and apparently politically motivated attacks against our users. We believe activists may have been a specific target. We’ve also seen attacks against users of another popular social site. All these attacks abuse a publicly-disclosed MHTML vulnerability for which an exploit was publicly posted in January 2011. Users browsing with the Internet Explorer browser are affected.

To help protect users of our services, we have deployed various server-side defenses to make the MHTML vulnerability harder to exploit. That said, these are not tenable long-term solutions, and we can’t guarantee them to be 100% reliable or comprehensive. We’re working with Microsoft to develop a comprehensive solution for this issue.

The abuse of this vulnerability is also interesting because it represents a new quality in the exploitation of web-level vulnerabilities. To date, similar attacks focused on directly compromising users' systems, as opposed to leveraging vulnerabilities to interact with web
services.

As I become more paranoid about my safety everywhere, it seems as though the biggest threat is from the Net - or more precisely - the ongoing threat caused by people who use Microsoft products from Browsers to Servers.The only apparent solution would be to punish people for using these products the way irresponsible people are finally being punished for texting while driving.

I second the request for more information about what specific type of activist is being targeted. This information could be vital to protecting people in future. Please share at least the general topic of the activism.

i had two accounts with google mail which i had been using for years now. yesterday i could not access both the accounts and when it was open i had a warning that the accounts were acessessed by an ip no. based in china and duely instructed me to change my passwords. in the inbox i could see the mass mail circualted using my id which was returned non delivered by some addressees.

internet explorer is targeted because its the most popular browser. if everyone changed to firefox for example, do you think that attacks would suddenly stop? if you do your totally nieve and unrealistic. Internet explorer is popular, and whether you agree with that or not its not good enough to blame microsoft for the actions of those who will attack them. If firefox had the same market share - then firefox would be under attack. Microsoft bashing is all well and good, but at least have a coherant argument!

@PlexorAre you for real? Punish people for using IE? People had to use IE in the past, which, quite rightly was fought and won against. Now to punish people for using IE is worse! Say someone uses IE and doen't have a GMail account? Say someone finds a way to hack into ALL browsers, does everyone get punished?Microsoft are to blame and should be punished, not the users.

I've found that any Microsoft product I've used has eventually encountered technical issues. While I understand the price of an iMac or another Apple product can sometimes be prohibitive, I've been using an iMac for several years and encountered very few issues - when I have the issue has been easily resolved. Safari all the way!

i wonder how many microsoft bashers here are actually using a microsoft operating system, and often use other microsoft software...

as far mac's being safe - indeed the are more secure - but again - only because the number of worldwide users are so so much smaller than those using microsoft products. Someone who is set to attack a group of users will obviously go for the largest user base, to cause the most disruption. Macs, safari, firefox are only safe because microsoft is taking the hit for you, not because the software or hardware is any better or more intelligently created. Im well aware of microsofts shortfalls, but i think everyone should imagine a world without microsoft products, sure there linux and all the different flavours thereof, but can you seriously imagine most of the population trying to be productive on a unix box?? absolutly wony happen. unix and linux are excellent - for specific uses. for a user friendly, easy to learn based market- no they arent fit for that purpose.

Chinese government is becoming the new hidden Nazi now. It is torturing ,murdering and fooling its own ordinary citizen inside china. It has more than a quarter of a million internet polices doing all kinds of attacks, stealing info from other countries. The Chinese government is the biggest hiker organization in the world, it going to rule the world by its Mafia rules. All the west countries should work together to fight with it now in order to save everyone include chinese in the world.

People in China(here) use gmail because they belive the service of the world's best company is reliable.Google people ,please don't let us down.People may be put in a black jail because they offended the system,that's not a joke.I just don't know where the history is aheading...Anyway,we enjoyed youtube through自由门very much...the world is awesome!

Bob said: "internet explorer is targeted because its the most popular browser ... If firefox had the same market share - then firefox would be under attack."

Have a look at http://en.wikipedia.org/wiki/Usage_share_of_web_browsers The page says that in Feb 2011 the usage shares of most popular browsers were: IE 43.55%, FF 29%, Chrome 13.89%. So, the popularity of IE is not much larger than that of FF, but still IE is much more exploited for cyber attacks. I conclude that IE is much more vulnerable.

in the past day i had to change my password 3-4 times, somebody is accessing my e-mail and signing up for things, one that i know of so far. who is finding my passwords and not allowing me on unless i change it every time?please help, i'm sick of it.

You can't blame users for using the standard browser shipped with the OS. We should have some kind of a regulatory body that has the authority to fine companies for security vulnerabilities in their products. You can't just make people agree to a long list of terms and conditions and then not take responsibility for your incompetency.

Bob - you live in a dream world. Me telling you that won't change you though as you have massively consumed the MS kool-aid.My company is 90% Unix/Linux and the users don't have any issues with the technology. Most of them don't even *know* they are running Linux.